Addition of IFS=$'\n' caused ugly warnings if --register-aws set

[xoebus]

Commit 9fa6d45 added IFS=$'\n' here which causes problems in the load_patterns function on line 52. With IFS=$'\n' and --register-aws set we see the following error when committing:

/usr/local/bin/git-secrets: line 52: git secrets --aws-provider: command not found

We suspect (but did not verify) that this breaks the scanning of credentials found in ~/.aws/credentials.

Adding the following test-case to test/pre-commit.bats demonstrates the error:

@test "Rejects commits with prohibited patterns in changeset when AWS provider is enabled" {
  setup_bad_repo
  repo_run git-secrets --install $TEST_REPO
  repo_run git-secrets --register-aws $TEST_REPO
  cd $TEST_REPO
  run git commit -m 'Contents are bad not the message'
  [ $status -eq 1 ]
  echo "${lines}" | grep -vq 'git secrets --aws-provider: command not found'

  [ "${lines[0]}" == "data.txt:1:@todo more stuff" ]
  [ "${lines[1]}" == "failure1.txt:1:another line... forbidden" ]
  [ "${lines[2]}" == "failure2.txt:1:me" ]
}

Setting IFS=$'\n ' resolves this issue above but breaks the Rejects commits with prohibited patterns in changeset with filename that contain spaces test case.

-- Chris (@xoebus) and Aram (@aramprice)

[xoebus]

Setting IFS within the subshell invoked by load_patterns allows all the tests to pass, and fixes the error we noted above.

diff --git a/git-secrets b/git-secrets
index a02b437..bfce877 100755
--- a/git-secrets
+++ b/git-secrets
@@ -49,7 +49,7 @@ load_patterns() {
   git config --get-all secrets.patterns
   # Execute each provider and use their output to build up patterns
   git config --get-all secrets.providers | while read cmd; do
-    echo "$($cmd)"
+    echo "$(export IFS=$'\n\t '; $cmd)"
   done
 }

[mtdowling]

Thanks for the report and the proposed fix. Can you send a PR?

[aramprice]

Submitted #30

[aramprice]

@mtdowling any idea how quickly this will hit homebrew once the this PR is accepted?